Commit graph

909 commits

Author SHA1 Message Date
Anders Kaseorg d169eb2a1b
install: Fix hash variable for Darwin.arm64 ()
When commit 233b61d3d6 () renamed
@binaryTarball_${system}@ to @tarballHash_${system}@, it updated this
reference for every platform except Darwin.arm64.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2021-05-11 15:43:44 +02:00
Travis A. Everett eab14a642c darwin: encrypt nix volume if filevault is enabled 2021-04-29 13:26:51 -05:00
Domen Kožar dc6a8f1548
Merge pull request from abathur/macos_nixbld_ids
fix nixbld user name/uid for macOS/darwin
2021-03-25 10:35:56 +01:00
Nicolas Stig124 FORMICHELLA 71f92741ec
Added Debian-based OS's profiles 2021-03-23 16:23:24 +01:00
Travis A. Everett 0431cf6d09 fix nixbld user name/uid for macOS 2021-03-11 10:16:34 -06:00
Domen Kožar 22aec8cef4
fix installer script 2021-02-21 15:51:49 +00:00
Domen Kožar ae4260f0a7
Generate installer script for each PR/push
This works by using Cachix feature of serving a file from
a store path.
2021-02-21 15:51:49 +00:00
Maximilian Bosch d9367a2dd1
scripts/install-nix-from-closure: only show progress if a terminal is used
While the progress dots during the copying of the store work fine on a
normal terminal, those look pretty off if the script is run inside a
provisioning script of e.g. `vagrant` or `packer` where `stderr` and
`stdout` are captured:

    default: .
    default: ..
    default: .
    default: .
    default: .

To work around this, the script checks with `-t 0` if it's
running on an actual terminal and doesn't show the progress if that's not
the case.
2021-01-22 10:35:02 +01:00
Matthew Bauer 692549c542 Use com.apple.oahd.plist for rosetta 2 detection 2020-12-04 13:28:09 -06:00
Matthew Bauer addf9f4ede Call it aarch64-darwin instead of arm64-darwin
gnu-config standardized on aarch64 for machine name so host_cpu part
of $system will always be aarch64. That means system will be
aarch64-darwin too.

uname however could report either “aarch64” (if gnu coreutils) or
“arm64” (if apple’s uname). We should support both for compatiblity
here.
2020-12-02 19:05:02 -06:00
Matthew Bauer b0de7b2016 Check for rosetta 2 support before installing 2020-12-02 18:35:48 -06:00
Jonas Chevalier 233b61d3d6
installer: simplify the per-build installation
The goal is to allow the installation and testing of arbitrary Nix
versions. Extend the base installer to accept a `--tarball-url-prefix
<url>` to change where the Nix tarball is getting downloaded from.

Once this is merged it should allow to:
1. Pick an evaluation at https://hydra.nixos.org/jobset/nix/master that
   looks healthy
2. Select the installedScript build and find the store path.

Now equipped with all of this, use an instance of nar-serve to fetch the
install script and release tarballs:

    curl -sfL https://nar-serve.numtide.com/nix/store/rkv4yh7pym941bhj0849zqdkg2546bdv-installer-script/install \
      | sh --tarball-url-prefix https://nar-serve.numtide.com/nix/store

Or with cachix, strip the /nix/store and derivation name and then:

    curl -sfL https://mycache.cachix.org/serve/rkv4yh7pym941bhj0849zqdkg2546bdv/install \
      | sh --tarball-url-prefix https://mycache.cachix.org/serve

Fixes 
2020-11-21 19:56:46 +01:00
Eelco Dolstra ae3191666f
Merge pull request from YorikSar/zsh-nix-profiles
Fix iterating over $NIX_PROFILES in Zsh
2020-11-17 15:53:44 +01:00
Travis A. Everett 4864df6d6b enable Darwin.arm64 to install x86_64 binary
Throwing @thefloweringash under the bus if this doesn't work, but it
sounds like Apple Silicon devices can use the x86_64 binary for now.

Fixes 
2020-11-10 08:48:49 -06:00
Yuriy Taraday 39fbd3d828 Fix iterating over $NIX_PROFILES in Zsh
NIX_PROFILES is space separated list of directories, and passing it into
for as is is considered to be 1-element list with the whole string. With
shwordsplit option Zsh emulates other shells in this regard ans
implicitely splits unquoted strings into words.

Fixes .
2020-10-21 00:03:38 +04:00
Domen Kožar e0ca98c207
Merge pull request from abathur/macos_big_sur_fixes
Macos big sur installer fixes
2020-10-20 12:18:23 +02:00
Travis A. Everett f289bdb9d4 discourage casual Big Sur installs 2020-10-19 12:28:08 -05:00
Travis A. Everett c40bad4151 create missing profile files to fix zsh envvars
Env vars for ZSH were moved from /etc/zshrc to /etc/zshenv in 
to address an issue with zshrc getting clobbered by OS updates, but
/etc/zshenv doesn't exist by default--so *nothing* would get set up
for zsh users unless they already happened to have /etc/zshenv.

Creating these files if they don't exist. Also cut separate creation
of profile.d/nix.sh, which isn't needed now.
2020-10-19 12:25:52 -05:00
Travis A. Everett b719f686a8 fix skipped multi-user install steps on macOS
Some of the changes in  to support non-systemd Nix installs
don't appear to be aware that the darwin installer exists, which
resulted in some skipped steps and inappropriate instructions.
2020-10-19 12:25:52 -05:00
Travis A. Everett fe807904e5 adapt to apfs.util flag diff in catalina/big sur
Fixes . Just runs both forms to minimize moving parts.
2020-10-19 12:24:31 -05:00
Travis A. Everett e736f8f6e4 replace xpath with xmllint --xpath; simplify
As mentioned in previous commit, Big Sur changes the syntax for the
xpath command slightly.

In the process of testing out replacements for these, I noticed a few
small simplification wins.
2020-10-19 12:24:04 -05:00
Travis A. Everett 1f02b65c59 fix xpath and conditional bugs; xpath -> xmllint
- xpath -> xmllint: xpath's cli interface changed in Big Sur
  rather than add conditional logic for picking the correct
  syntax for xpath, I'm changing to xmllint --xpath, which
  appears to be consistent across versions I've tested...

- /plist/dict/key[text()='Writable']/following-sibling::true[1]
  doesn't do quite what's expected. It was written to try to
  select a <true /> node paired with the Writable key, but it
  will also select the *next* <true /> node that appears even
  if it was paired with another key.

- I think there's also a logic bug in the conditionals here.
  I'm not sure anyone ever actuall saw it, thanks to the xpath
  bug, though. With the xpath fix, this conditional passes if /nix
  does not exist, / IS writable, and the version is Catalina+.

  I think it meant to test for /nix does not exist, / is NOT
  writable, and the version is Catalina+. I reworked this lightly
  to make it a little clearer at the code level.
2020-10-19 12:23:29 -05:00
Travis A. Everett 9c3dc9d7ca update macOS version handling for Big Sur
Keeping this commit narrow for reviewability, but some of these
conditionals will change in subsequent commits in this PR.

Fixes .
2020-10-19 12:22:30 -05:00
Eelco Dolstra 924712eef1 Installer: Set a known umask
Fixes , .
2020-09-30 17:48:49 +02:00
Eelco Dolstra 3e30710d95
Merge pull request from crinklywrappr/master
Add a script to install nix on non-systemd systems.
2020-07-31 16:44:26 +02:00
Alex Kovar 3294b0a4b0 Add newline to profile sourcing line 2020-07-18 10:24:22 -05:00
Daniel Fitzpatrick 39859b853c merged systemd installer with non-systemd installer. 2020-07-07 15:08:23 -05:00
Daniel Fitzpatrick fd42176a21 Add a script to install nix on non-systemd systems. 2020-07-06 21:59:18 -05:00
Jörg Thalheim 3685f4eec6
docs/installer: add correct curl flags
also see https://nixos.org/download.html
2020-06-23 23:04:10 +01:00
Daiderd Jordan 4e6d7cb55a
installer: don't require xz on darwin
On macOS the system tar has builtin support for lzma while xz isn't
available as a separate binary.  There's no builtin package manager
there available either so having to install lzma (without nix) would be
rather painful.
2020-05-27 20:58:42 +02:00
Eelco Dolstra 228857efc6 Merge pull request from surajbarkale/patch-1
Use /etc/zshenv instead of /etc/zshrc for profile
2020-05-27 11:10:08 +02:00
Domen Kožar 3d3c219d91
installer: fix unused variable 2020-05-26 16:23:03 +02:00
Domen Kožar 1a5ac894e9
Fix installer script bugs
- --no-channel-add didn't have effect on multi-user installation
- some new flags didn't work at all
- document all installer flags
2020-05-26 15:49:26 +02:00
Domen Kožar 909bdfb4b4
Merge pull request from domenkozar/multi-user-count
install-multi-user: allow overriding user count
2020-05-25 17:53:24 +02:00
Domen Kožar 573ff8dfca
Allow passing extra nix.conf to installer 2020-05-25 17:31:46 +02:00
Domen Kožar 90b0c630a0
install-multi-user: allow overriding user count 2020-05-25 17:16:38 +02:00
Domen Kožar 2a7ea2eb6c
scripts/create-darwin-volume.sh: remove unused variable 2020-05-23 11:12:05 +02:00
Suraj Barkale 909d8cb293
Use /etc/zshenv instead of /etc/zshrc for profile
As noted in https://github.com/NixOS/nix/issues/3456 the `/etc/zshenv` file provides a better place for sourcing the nix environment.
2020-05-22 11:05:25 +10:00
Daiderd Jordan d3df1889a1
installer: don't clobber synthetic.conf 2020-05-21 20:03:09 +02:00
Travis A. Everett 2b0a81d92d
focus on golden-path covering most scenarios
This should handle installation scenarios we can handle with
anything resembling confidence. Goal is approximating the existing
setup--not enforcing a best-practice...

Approaches (+ installer-handled, - manual) and configs each covers:

+ no change needed; /nix OK on boot volume:
  All pre-Catalina (regardless of T2 or FileVault use)

+ create new unencrypted volume:
  Catalina, pre-T2, no FileVault

+ create new encrypted-at-rest volume:
  Catalina, pre-T2, FileVault
  Catalina, T2, no FileVault

- require user to pre-create encrypted volume
  Catalina, T2, FileVault
2020-05-21 19:58:11 +02:00
Daiderd Jordan 477d7c2d07
installer: refuse apfs volume creation when FileVault is enabled 2020-05-21 19:58:11 +02:00
Daiderd Jordan bc24c09968
install: make synthetic.conf and fstab checks stricter 2020-05-21 19:58:11 +02:00
Daiderd Jordan 04f597c3f4
install: improve output and error handling 2020-05-21 19:58:11 +02:00
Daiderd Jordan caface1980
install: hide the store volume on darwin 2020-05-21 19:58:11 +02:00
Daiderd Jordan 083bb3bbfc
install: show macOS 10.15 message with --daemon 2020-05-21 19:58:10 +02:00
Daiderd Jordan 10202628b9
install: also configure ~/.zshenv
The default login shell for users on macOS 10.15 changed from bash to
zsh.  So while generally nonstandard we need to configure it to make nix
function out of the box on macOS.
2020-05-21 19:58:10 +02:00
Daiderd Jordan 0726ad5825
install: configure and bootstrap synthetic.conf on darwin
Starting macOS 10.15 /nix can't be creasted directly anymore due to the
readonly filesystem, but synthetic.conf was introduced to enable
creating mountpoints or symlinks for special usecases like package
managers.
2020-05-21 19:58:10 +02:00
Pavol Rusnak 9e12b2f5b8
Expose installer configuration environment variables via command line flags 2020-05-12 19:00:45 +02:00
Pavol Rusnak 46be11b762
Introduce NIX_INSTALLER_NO_CHANNEL_ADD which skips nix-channel --add 2020-05-12 12:13:40 +02:00
Greg Price 7313aa267b installer: Fix terminal colors.
The install-multi-user script uses blue, green, and red colors, as
well as bold and underline, to add helpful formatting that helps
structure its rather voluminous output.

Unfortunately, the terminal escape sequences it uses are not quite
well-formed.  The relevant information is all there, just obscured
by some extra noise, a leading parameter `38`.  Empirically, the
result is:

 * On macOS, in both Terminal.app and iTerm2, the spurious `38` is
   ignored, the rest of the escape sequence is applied, and the colors
   show up as intended.

 * On Linux, in at least gnome-terminal and xterm, the spurious `38`
   and the next parameter after it are ignored, and what's left is
   applied.  So in the sequence `38;4;32`, the 4 (underline) is
   ignored but the 32 (green) takes effect; in a more typical sequence
   like `38;34`, the 34 (blue) is ignored and nothing happens.

These codes are all unchanged since this script's origins as a
Darwin-only script -- so the fact that they work fine in common macOS
terminals goes some way to explain how the bug arose.

Happily, we can make the colors work as intended by just deleting the
extra `38;`.  Tested in all four terminals mentioned above; the new
codes work correctly on all of them, and on the two macOS terminals
they work exactly the same as before.

---

In a bit more technical detail -- perhaps more than anyone, me
included, ever wanted to know, but now that I've gone and learned it
I'll write it down anyway :) -- here's what's happening in these codes:

An ECMA-48 "control sequence" begins with `\033[` aka "CSI", contains
any number of parameters as semicolon-separated decimal numbers (plus
sometimes other wrinkles), and ends with a byte from 0x40..0x7e.  In
our case, with `m` aka "SGR", "Select Graphic Rendition".

An SGR control sequence `\033[...m` sets colors, fonts, text styles,
etc.  In particular a parameter `31` means red, `32` green, `34` blue,
`4` underline, and `0` means reset to normal.  Those are all we use.

There is also a `38`.  This is used for setting colors too... but it
needs arguments.  `38;5;nn` is color nn from a 256-color palette, and
`38;2;rr;gg;bb` has the given RGB values.

There is no meaning defined for `38;1` or `38;34` etc.  On seeing a
parameter `38` followed by an unrecognized argument for it, apparently
some implementations (as seen on macOS) discard only the `38` and
others (as seen on Linux) discard the argument too before resuming.
2020-03-24 21:15:01 -07:00